UUIDs and GUIDs are far too complicated, personally I don't like using them. There are multiple "versions" (really, generation algorithms) of UUID and GUID, each with their own problems:<p>* Some types of UUID uniquely identify the machine they were generated on (one version contains the MAC address + current time, another contains the POSIX UID/GID + domain name) - this got Microsoft into hot water in the 1990s when Word added GUIDs to documents, which meant you could trace documents Stasi-style<p>* Some types of UUID are based on insecure hashing algorithms (MD5 and SHA1)<p>* Some types of UUID are namespaced, because everything needs namespaces, obviously<p>* There's a specially reserved type for Microsoft to use for special COM objects<p>There's only one mode you should actually use, which is the random bits.<p>UUIDs and GUIDs also have a weird spacing of dashes. You'd expect three dashes, splitting it into a sequence of 4-byte chunks, but no: it's split into 4-2-2-2-6, for some reason. And which chunk it is matters, because different chunks <i>have different endianness</i>. Some of them are considered numbers, some of them bytes, even though they all look the same. Some of them have special significance (it contains two different version numbers!), with no especially obvious rhyme or reason to their placement. Oh, and the endianness is implementation-defined: GUIDs are partly "native" endian (usually little-endian, then), partly big-endian, whereas UUIDs are <i>typically</i> big-endian. How do you tell them apart? Well, GUIDs are <i>usually</i> written in capitals, and UUIDs are <i>usually</i> written in lowercase.<p>I just use 16 random bytes encoded in hexadecimal, separated by three dashes at 4-byte increments. No hashing algorithms, versions, endianness issues, namespacing, severe privacy problems, just random bytes. It's not only simpler, it has more bits of entropy, and is easier to generate.